A security loader, along the lines of the contentloader to make it possible to populate ACL,s and Authorizables on startup --------------------------------------------------------------------------------------------------------------------------
Key: SLING-981 URL: https://issues.apache.org/jira/browse/SLING-981 Project: Sling Issue Type: New Feature Components: JCR Contentloader Reporter: Ian Boston Th small tar to follow allows bundles to include a Sakai-Initial-Security (to be renamed) header in the manifest that points to a json file containing acl and authorizable setup for the repository. This may include users or groups as required by the acl's and the acls. In for form { "principals" : [ { "name":"owner", "isgroup":"true", "members":[], "dynamic":"true" }, { "name":"everyone", "isgroup":"true", "members":[], "dynamic":"true" } ], "acl" : [ { "path":"/_private", "principal":"owner", "privil...@jcr:read":"granted", "privil...@jcr:write":"granted" }, { "path":"/public", "principal":"owner", "privil...@jcr:read":"granted", "privil...@jcr:write":"granted" }, { "path":"/public", "principal":"everyone", "privil...@jcr:read":"granted" } ] } The code is largely based on the contentloader with quite a bit of copying (ugly sorry), but since it may not be wanted in in some installations I feel its better off in its own bundle. If its acceptable to have it in all distributions, then obviusly it should be a patch to contentloader. I looked and asked for this functionality already existing in Sling, but could not find it hence the patch. If there is a better way of doing the same already in the code base then closing this with "invalid" would be the right thing to do. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.